Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
*/
/*
* Portions Copyrighted 2014-2015 ForgeRock AS.
* Portions Copyrighted 2026 3A Systems, LLC
*/
package com.sun.identity.entitlement;

Expand Down Expand Up @@ -228,25 +229,33 @@ public boolean equals(Object obj) {
return false;
}
LogicalCondition object = (LogicalCondition) obj;
if (eConditions == null) {
if (object.getEConditions() != null) {
// Read both sides through the accessors: subclasses may keep the nested
// conditions elsewhere and override the getters (NotCondition holds a single
// condition and leaves these fields null), so reading this.field against
// object.getter() would compare two different representations.
Set<EntitlementCondition> thisEConditions = getEConditions();
Set<EntitlementCondition> otherEConditions = object.getEConditions();
if (thisEConditions == null) {
if (otherEConditions != null) {
return false;
}
} else { // eConditions not null
if ((object.getEConditions()) == null) {
if (otherEConditions == null) {
return false;
} else if (!eConditions.containsAll(object.getEConditions())) {
} else if (!thisEConditions.containsAll(otherEConditions)) {
return false;
} else if (!object.getEConditions().containsAll(eConditions)) {
} else if (!otherEConditions.containsAll(thisEConditions)) {
return false;
}
}
if (pConditionName == null) {
if (object.getPConditionName() != null) {
String thisPConditionName = getPConditionName();
String otherPConditionName = object.getPConditionName();
if (thisPConditionName == null) {
if (otherPConditionName != null) {
return false;
}
} else {
if (!pConditionName.equals(object.getPConditionName())) {
if (!thisPConditionName.equals(otherPConditionName)) {
return false;
}
}
Expand Down
68 changes: 65 additions & 3 deletions openam-federation/OpenFM/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,6 @@
<description>OpenAM Federation</description>
<artifactId>OpenFM</artifactId>
<packaging>jar</packaging>
<properties>
<skipTests>true</skipTests>
</properties>
<profiles>
<profile>
<id>set-compiler-release</id>
Expand All @@ -59,6 +56,71 @@
</profiles>
<!-- Build -->
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<!--
The excluded classes are OpenSSO-era tests that ran inside a deployed OpenAM:
they obtain an Application SSO token via AdminTokenAction and drive
ServiceManager/IdRepo directly. Outside a configured server they fail in the
constructor or in @BeforeClass, and TestNG aborts the entire suite when one
test class cannot be instantiated. That is why this module carried a blanket
skipTests property from 2013 until 2026, hiding every test it owns.

Excluding them by name keeps the remaining unit tests running, and any newly
added test is still picked up by surefire's default patterns. Reviving the
list below needs a live OpenAM.
-->
<excludes>
<!-- whole packages: every test here drives a live server -->
<exclude>com/sun/identity/policy/*.java</exclude>
<exclude>com/sun/identity/rest/*.java</exclude>
<exclude>com/sun/identity/xacml/**/*.java</exclude>
<!-- in-container harness leftovers, not tests themselves -->
<exclude>com/sun/identity/unittest/TestHarness.java</exclude>
<exclude>com/sun/identity/unittest/TestListener.java</exclude>
<!-- entitlement: unit tests share these packages, so list per class -->
<exclude>com/sun/identity/entitlement/AndConditionEvalTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationCacheAfterRealmChangeTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationCreatorNDateTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationDelegationTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationFilterTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationPrivilegeMetaTest.java</exclude>
<exclude>com/sun/identity/entitlement/ApplicationTypeTest.java</exclude>
<exclude>com/sun/identity/entitlement/CanBeDeletedAppTest.java</exclude>
<exclude>com/sun/identity/entitlement/DecisionMergeTest.java</exclude>
<exclude>com/sun/identity/entitlement/DelegationIsAllowedSubResourceTest.java</exclude>
<exclude>com/sun/identity/entitlement/DelegationPrivilegeIdRepoAccessTest.java</exclude>
<exclude>com/sun/identity/entitlement/DelegationPrivilegeSubResourceTest.java</exclude>
<exclude>com/sun/identity/entitlement/DelegationPrivilegeTest.java</exclude>
<exclude>com/sun/identity/entitlement/HttpStarEvaluationTest.java</exclude>
<exclude>com/sun/identity/entitlement/IdentityGroupToEntitlementGroupTest.java</exclude>
<exclude>com/sun/identity/entitlement/IDPPTest.java</exclude>
<exclude>com/sun/identity/entitlement/log/LogTest.java</exclude>
<exclude>com/sun/identity/entitlement/MultiWildcardEvalTest.java</exclude>
<exclude>com/sun/identity/entitlement/opensso/EntitlementServiceTest.java</exclude>
<exclude>com/sun/identity/entitlement/opensso/RealmRemovedTest.java</exclude>
<exclude>com/sun/identity/entitlement/OrConditionEvalTest.java</exclude>
<exclude>com/sun/identity/entitlement/OrgAliasReferralTest.java</exclude>
<exclude>com/sun/identity/entitlement/PrivilegeDelegationTest.java</exclude>
<exclude>com/sun/identity/entitlement/PrivilegeManagerTest.java</exclude>
<exclude>com/sun/identity/entitlement/ReferralPrivilegeRemovalTest.java</exclude>
<exclude>com/sun/identity/entitlement/ReferralPrivilegeTest.java</exclude>
<exclude>com/sun/identity/entitlement/ReferralPrivilegeWithRemovedRealmTest.java</exclude>
<exclude>com/sun/identity/entitlement/ReferredResourcesTest.java</exclude>
<exclude>com/sun/identity/entitlement/SingleWildCardEvaluatorTest.java</exclude>
<exclude>com/sun/identity/entitlement/SubRealmEvaluationTest.java</exclude>
<exclude>com/sun/identity/entitlement/SubRealmGroupTest.java</exclude>
<exclude>com/sun/identity/entitlement/TestAttributeEvaluator.java</exclude>
<exclude>com/sun/identity/entitlement/TestEvaluator.java</exclude>
<exclude>com/sun/identity/entitlement/TestGroupEvaluator.java</exclude>
<exclude>com/sun/identity/entitlement/XACMLExportTest.java</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
<resources>
<resource>
<directory>src/main/resources</directory>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@
*
* $Id: PriivlegeNameValidation.java,v 1.1 2009/11/25 18:09:50 veiming Exp $
*/
/*
* Portions Copyrighted 2026 3A Systems, LLC
*/

package com.sun.identity.entitlement;

Expand All @@ -33,53 +36,53 @@
*
* @author dennis
*/
public class PriivlegeNameValidation {
public class PrivilegeNameValidationTest {

@Test
public void allLetters() throws Exception {
if (!PrivilegeManager.isNameValid("test")) {
throw new Exception(
"PriivlegeNameValidation.allLetters test failed");
"PrivilegeNameValidationTest.allLetters test failed");
}
}

@Test
public void allNumeric() throws Exception {
if (!PrivilegeManager.isNameValid("999")) {
throw new Exception(
"PriivlegeNameValidation.allNumeric test failed");
"PrivilegeNameValidationTest.allNumeric test failed");
}
}

@Test
public void allAlphaNumeric() throws Exception {
if (!PrivilegeManager.isNameValid("test123")) {
throw new Exception(
"PriivlegeNameValidation.allAlphaNumeric test failed");
"PrivilegeNameValidationTest.allAlphaNumeric test failed");
}
}

@Test
public void withUnderscore() throws Exception {
if (!PrivilegeManager.isNameValid("test_123")) {
throw new Exception(
"PriivlegeNameValidation.withUnderscore test failed");
"PrivilegeNameValidationTest.withUnderscore test failed");
}
}

@Test
public void withDash() throws Exception {
if (!PrivilegeManager.isNameValid("test-12")) {
throw new Exception(
"PriivlegeNameValidation.withDash test failed");
"PrivilegeNameValidationTest.withDash test failed");
}
}

@Test
public void withSpecialChar() throws Exception {
if (PrivilegeManager.isNameValid("test^")) {
throw new Exception(
"PriivlegeNameValidation.withDash test failed");
"PrivilegeNameValidationTest.withSpecialChar test failed");
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@
*/
public class ResourceNameSplitTest {
@Test
public boolean testHost()
public void testHost()
throws Exception {
ResourceNameSplitter splitter = new ResourceNameSplitter();
Map<String, Set<String>> map = parseResource("resourceNameSplitHost");
Expand All @@ -53,35 +53,31 @@ public boolean testHost()
ResourceSearchIndexes comp = splitter.getIndexes(k, null);
Set<String> results = comp.getHostIndexes();
if (!results.equals(set)) {
String msg = "ResourceNameSplitTest.testHost: " + k +
String msg = "ResourceNameSplitTest.testHost: " + k +
" failed.";
UnittestLog.logError(msg);
throw new Exception(msg);
}
}

return true;
}

@Test
public boolean testPath()
public void testPath()
throws Exception {
ResourceNameSplitter splitter = new ResourceNameSplitter();
Map<String, Set<String>> map = parseResource("resourceNameSplitURI");
for (String k : map.keySet()) {
Set<String> set = map.get(k);

ResourceSearchIndexes comp = splitter.getIndexes(k, null);
Set<String> results = comp.getPathIndexes();
if (!results.equals(set)) {
String msg = "ResourceNameSplitTest.testPath: " + k +
String msg = "ResourceNameSplitTest.testPath: " + k +
" failed.";
UnittestLog.logError(msg);
throw new Exception(msg);
}
}

return true;
}

private Map<String, Set<String>> parseResource(String rbName) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2014 ForgeRock AS.
* Portions Copyrighted 2026 3A Systems, LLC
*/

package com.sun.identity.workflow;
Expand Down Expand Up @@ -164,7 +165,9 @@ public void testCollectAuthModuleAttributes() throws Exception {
assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_ID), "fred");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_SECRET), "freddy");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
// OPENAM-5851: under the client_secret crypto type the validation config value is
// ignored in favour of the client secret itself, so the wizard leaves it unset.
assertNull(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE));
assertEquals(getMapAttr(attrs, AUTH_MODULE_PROXY_URL), "http://example.com");
}

Expand All @@ -184,7 +187,7 @@ public void testCollectAuthModuleAttributesUsingWellKnownConfig() throws Excepti
assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_ID), "fred");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_SECRET), "freddy");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
assertNull(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE));
assertEquals(getMapAttr(attrs, AUTH_MODULE_PROXY_URL), "http://example.com");
assertEquals(getMapAttr(attrs, AUTH_MODULE_AUTH_URL), "http://local.example.com/auth");
assertEquals(getMapAttr(attrs, AUTH_MODULE_TOKEN_URL), "http://local.example.com/token");
Expand All @@ -211,7 +214,7 @@ public void testCollectAuthModuleAttributesUsingWellKnownConfigWithEmptyJwkUrl()

// Then
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
assertNull(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE));
}

@Test
Expand Down
Loading
Loading